Lock in $30 Savings on PRO—Offer Ends Soon! ⏳

Cloud Native時代における Docker / Kubernetes による開発 D...

Cloud Native時代における Docker / Kubernetes による開発 Developers Summit 2019 at 02/14 / devsumi2019_amsy810_k8s

今日Dockerなどのコンテナ技術は広く普及し、GCP・Azure・AWSがマネージドサービスをリリースしたことなどからも、コンテナオーケストレーションエンジンとしてはKubernetesがデファクトスタンダードだと言えます。
本講演ではKubernetesが必要な理由・機能及びコンセプト・解決できる問題について、また分散システムとしてのKubernetesの仕組みについて紹介します。あわせて、コンテナを利用した開発をするにあたり切り離すことのできない「Cloud Native」や「マイクロサービス」の考え方、最近のKubernetesを取り巻く技術動向、将来性についても紹介します。

青山 真也
株式会社サイバーエージェント
アドテク本部 Infrastructure Engineer
Cloud Native Days Tokyo Co-chair/Japan Container Days実行委員/Cloud Native Meetup Tokyo Organizer/Kubernetes Meetup Tokyo Organizer/KubeCon日本人会 Organizer

株式会社サイバーエージェントアドテク本部。2016年新卒入社。OpenStackを使ったプライベートクラウドやGKE互換なコンテナプラットフォームをゼロから構築し、国内カンファレンスでのKeynoteに登壇。その後、世界で2番目にCertified Kubernetes Application Developer、138番目にCertified Kubernetes Administratorの認定資格を取得。著書に『Kubernetes完全ガイド』。現在はKubernetesやOpenStackなどOSSへのコントリビュート活動をはじめ、Cloud Native Days Tokyo Co-chair、CNCF公式のCloud Native Meetup TokyoのOrganizerやJapan Container Daysの運営などコミュニティ活動にも従事しています。

Masaya Aoyama (@amsy810)

February 14, 2019
Tweet

More Decks by Masaya Aoyama (@amsy810)

Other Decks in Technology

Transcript

  1. Masaya Aoyama CyberAgent adtech studio Cloud Native࣌୅ʹ͓͚Δ Docker / Kubernetes

    ʹΑΔ։ൃ Developers Summit 2019 at 02/14 ࢿྉ: http://bit.ly/devsumi 2019 k8s MasayaAoyama @amsy810 Masaya Aoyama CyberAgent adtech studio Cloud Native࣌୅ʹ͓͚Δ Docker / Kubernetes ʹΑΔ։ൃ Developers Summit 2019 at 02/14 MasayaAoyama @amsy810
  2. $58'B@-9C Kubernetes )"  ;: Japan Container Days v18.04 Keynote

    ,&#6(!   .+=4 AWS Dev Day TokyoIBM Think Japan  CKA #138CKAD #2 Masaya Aoyama (@amsy810) Infrastructure Engineer  Co-chair - Cloud Native Days Tokyo B0 Japan Container DaysC Organizer - Cloud Native Meetup Tokyo Organizer - Kubernetes Meetup Tokyo Organizer - KubeCon /1 3! Contribute to OpenStack and Kubernetes 2% KaaS *< / ?7 K8s A>  
  3. Agenda • Cloud Native and Kubernetes • Microservice and Service

    Mesh • Container and Docker • Kubernetes Overview • What is doing Kubernetes • Kubernetes is Framework and Distributed System • CI/CD with Kubernetes/Docker • Future of Kubernetes
  4. CNCF and The Linux Foundation • Kubernetes The Linux Foundation

    CNCF  •     
  5. Cloud Native Cloud native technologies empower organizations to build and

    run scalable applications in modern, dynamic environments such as public, private, and hybrid clouds. Containers, service meshes, microservices, immutable infrastructure, and declarative APIs exemplify this approach. These techniques enable loosely coupled systems that are resilient, manageable, and observable. Combined with robust automation, they allow engineers to make high-impact changes frequently and predictably with minimal toil. The Cloud Native Computing Foundation seeks to drive adoption of this paradigm by fostering and sustaining an ecosystem of open source, vendor-neutral projects. We democratize state-of-the-art patterns to make these innovations accessible for everyone. CNCF Cloud Native Defenition v1.0, CNCF, 2018-11-28 (https://github.com/cncf/toc/blob/master/DEFINITION.md)
  6. Cloud Native 8 Cloud native technologies empower organizations to build

    and run scalable applications in modern, dynamic environments such as public, private, and hybrid clouds. Containers, service meshes, microservices, immutable infrastructure, and declarative APIs exemplify this approach. These techniques enable loosely coupled systems that are resilient, manageable, and observable. Combined with robust automation, they allow engineers to make high-impact changes frequently and predictably with minimal toil. The Cloud Native Computing Foundation seeks to drive adoption of this paradigm by fostering and sustaining an ecosystem of open source, vendor-neutral projects. We democratize state-of-the-art patterns to make these innovations accessible for everyone. CNCF Cloud Native Defenition v1.0, CNCF, 2018-11-28 (https://github.com/cncf/toc/blob/master/DEFINITION.md) • .0  • & • /- • 4*  • + 3 71 )%5 ($6 " !'2 Open Scalable #,
  7. Microservice and Service Mesh Benefit of Microservice and Service Mesh

    •  •  •  •  • 
  8. Microservice Architecture     ProductPage Reviews Details Ratings

    HTTP/gRPC HTTP/gRPC HTTP/gRPC Bookinfo Application, Istio, 2018-11-28 (https://istio.io/docs/examples/bookinfo/)
  9. %' )#!D@X_71T gRPC, REST N%' )#!cS 2 )#!@X_7UJ<f "$'9A :

    CT/*"$'1T  f^=eO4; 6YBbK-^  2`aG7%' )#!bK ,+?M CT\-E[L   !)&(9A G7CT!)&(  .IV d8,+F0  G7CTd8Z 53 R] H> )#!PQW  Benefit of Microservice Golang Java Scala gRPC REST
  10. %' )#!D@X_71T gRPC, REST N%' )#!cS 2 )#!@X_7UJ<f "$'9A :

    CT/*"$'1T  f^=eO4; 6YBbK-^  2`aG7%' )#!bK ,+?M CT\-E[L   !)&(9A G7CT!)&(  .IV d8,+F0  G7CTd8Z 53 R] H> )#!PQW  Developer Benefit of Microservice
  11. %' )#!D@X_71T gRPC, REST N%' )#!cS 2 )#!@X_7UJ<f "$'9A :

    CT/*"$'1T  f^=eO4; 6YBbK-^  2`aG7%' )#!bK ,+?M CT\-E[L   !)&(9A G7CT!)&(  .IV d8,+F0  G7CTd8Z 53 R] H> )#!PQW  Benefit of Microservice
  12. %' )#!D@X_71T gRPC, REST N%' )#!cS 2 )#!@X_7UJ<f "$'9A :

    CT/*"$'1T  f^=eO4; 6YBbK-^  2`aG7%' )#!bK ,+?M CT\-E[L   !)&(9A G7CT!)&(  .IV d8,+F0  G7CTd8Z 53 R] H> )#!PQW  Benefit of Microservice
  13. %' )#!D@X_71T gRPC, REST N%' )#!cS 2 )#!@X_7UJ<f "$'9A :

    CT/*"$'1T  f^=eO4; 6YBbK-^  2`aG7%' )#!bK ,+?M CT\-E[L   !)&(9A G7CT!)&(  .IV d8,+F0  G7CTd8Z 53 R] H> )#!PQW  Benefit of Microservice
  14. 500+ microservices The Case of Chaos, Bruce Wong, 2014-12-19, (https://www.slideshare.net/BruceWong3/the-case-for-chaos)

    The History of the Service Mesh, The New Stack, 2018-2-13, (https://thenewstack.io/history-service-mesh/)
  15. 500+ microservices The Case of Chaos, Bruce Wong, 2014-12-19, (https://www.slideshare.net/BruceWong3/the-case-for-chaos)

    The History of the Service Mesh, The New Stack, 2018-2-13, (https://thenewstack.io/history-service-mesh/) Can we get Observability?
  16. Service Mesh Architecture (generally) • Microservice • Microservice with Service

    Mesh Proxy App a Proxy App b Proxy App c App a App b App c
  17. Service Mesh  • Circuit Break • Fault Injection •

    Rate Limit • Retry • mTLS Proxy App a Proxy App b Proxy App c #% !$ &) , *'(  + ")
  18. Microservice / Service Mesh  Microservice .H:LB7 &=, 2O 16()FPN0Q

    Service Mesh #@ … • Microservice M )I;5C 9J K! $3/> 8*(/> • AE+  • 4"% • D? • )I; • -< G'(
  19. Container System Container • KVMXen  •  init Application

    Container •     •   
  20. Docker • Docker4%Application Container .71- +8$! • #DevOps/# 2: /3

     6)*5 • 0, Moby"  &9  # containerd ('
  21. Dockerfile  Docker Image FROM centos:7 RUN yum -y install

    epel-release RUN yum -y install nginx COPY nginx.conf /etc/nginx/ ENTRYPOINT ["nginx", "-g", "daemon off;"] Build Once, Run Anywhere   Docker Image Dockerfile
  22. $ docker build . -t sample-image Sending build context to

    Docker daemon 252.9kB Step 1/5 : FROM centos:7 ---> 75835a67d134 75835a67d134 sample-image
  23. $ docker build . -t sample-image Sending build context to

    Docker daemon 252.9kB Step 1/5 : FROM centos:7 ---> 75835a67d134 Step 2/5 : RUN yum -y install epel-release ---> Running in 9db248fc7b9a ... Removing intermediate container 9db248fc7b9a ---> 2fe5a7f8c007 75835a67d134 2fe5a7f8c007 sample-image
  24. $ docker build . -t sample-image Sending build context to

    Docker daemon 252.9kB Step 1/5 : FROM centos:7 ---> 75835a67d134 Step 2/5 : RUN yum -y install epel-release ---> Running in 9db248fc7b9a ... Removing intermediate container 9db248fc7b9a ---> 2fe5a7f8c007 Step 3/5 : RUN yum -y install nginx ---> Running in 0547bd920b0a ... Removing intermediate container 0547bd920b0a ---> 843b47a96c5e 75835a67d134 2fe5a7f8c007 843b47a96c5e sample-image
  25. $ docker build . -t sample-image Sending build context to

    Docker daemon 252.9kB Step 1/5 : FROM centos:7 ---> 75835a67d134 Step 2/5 : RUN yum -y install epel-release ---> Running in 9db248fc7b9a ... Removing intermediate container 9db248fc7b9a ---> 2fe5a7f8c007 Step 3/5 : RUN yum -y install nginx ---> Running in 0547bd920b0a ... Removing intermediate container 0547bd920b0a ---> 843b47a96c5e Step 4/5 : COPY nginx.conf /etc/nginx/ ---> fe63b2d4c95d 75835a67d134 2fe5a7f8c007 843b47a96c5e fe63b2d4c95d sample-image
  26. $ docker build . -t sample-image Sending build context to

    Docker daemon 252.9kB Step 1/5 : FROM centos:7 ---> 75835a67d134 Step 2/5 : RUN yum -y install epel-release ---> Running in 9db248fc7b9a ... Removing intermediate container 9db248fc7b9a ---> 2fe5a7f8c007 Step 3/5 : RUN yum -y install nginx ---> Running in 0547bd920b0a ... Removing intermediate container 0547bd920b0a ---> 843b47a96c5e Step 4/5 : COPY nginx.conf /etc/nginx/ ---> fe63b2d4c95d Step 5/5 : ENTRYPOINT ["nginx", "-g", "daemon off;"] ---> Running in 876ee4d29339 Removing intermediate container 876ee4d29339 ---> b5068171c053 75835a67d134 2fe5a7f8c007 843b47a96c5e fe63b2d4c95d b5068171c053 sample-image
  27.     5: ENTRYPOINT [”/usr/sbin/nginx", "-g", "daemon off;"]

    5: ENTRYPOINT [”nginx", "-g", "daemon off;"]    
  28. Ref: https://docs.docker.com/develop/develop-images/dockerfile_best-practices/ Ref: https://12factor.net/ B*=C Part of Docker Container Best

    Practice •  @( 1 • "3<  $1BImmutable InfrastructureC • A;8, / 4:8,+" !'9 • #0> ! &  • 59)?.% 8,-2 / 7 •   6  • etc
  29. Container / Docker  VM0 … •  #(+. •

    7':8 • ##,  • /6 %9;=">=!< • Immutable Infrastructure *1 • 35)  • -$& • 42
  30. Container Orchestration Engine (4/0 • 3*Docker2/ • # $ #

    •  $ # / $ $ # • "$ # $ • #-.15 • 6&+!$ # • $ • "$# # • $,')%2/
  31. Container Orchestration Engine CY OP • XE Docker*" SO •

    1 $ ,2.1 • 2.1 / 2"2.1 • 02.1)!2" • 1 $ KLRZ • ^>F /(&2.1 • 2'!%. • 02#%-11 • !2J?D; SO Container Orchestration Engine CY OP • QT9  + • B34 • SO • 8[M  • :N W67 _U IA \ H@] 54 = <G 8V
  32. CNCFStandardization 01.     " (!) OCI v1.0

    02.     #  CRI 03.   #  CSI 04. #  CNI
  33.   Kubernetes Docker   Kubernetes   

    •    CRI   • docker • cri-o • containerd OCI   • runC • gVisor • Kata Containers • Nabla Containers • Firecracker # )!  '(    $"&%
  34. Kubernetes  Design Principles, Kubernetes Community, 2017-11-04 (https://github.com/kubernetes/community/blob/master/contributors/design-proposals/architecture/principles.md) 02 03

    01 Self Healing  ) #"  Automation & Immutable Infrastructure Immutable Infrastructure& # Declarative Code & API  Manifests$" %'API !( Infrastructure as Code
  35. Declarative Code and APIs Developer Register YAML Manifest Kubernetes Cluster

    Manifests API  Infrastructure as Code $ kubectl apply –f manifest.yaml
  36. ReplicaSet  Rolling Update (Automation) • #%"$ /) • $!%

    % • Immutable Infrastructure • #%"$ .& Load Balancer Developer (,   '* Deployment+-
  37. ReplicaSet  Rolling Update (Automation) •   • 

        • Immutable Infrastructure •   Load Balancer
  38. ReplicaSet  Rolling Update (Automation) •   • 

        • Immutable Infrastructure •   Load Balancer
  39. ReplicaSet  Rolling Update (Automation) •   • 

        • Immutable Infrastructure •   Load Balancer
  40. Key points • KubernetesGoogle=/A3.  + #(&$,'Borg%,OSS1  → ;*,),"25<>1

     ?01846 • 7@1 $!*,9-YAML:  → Infrastructure EngineerBOpsC . Server-side Engineer BDevC.
  41.  Kubernetes Developer  !$ % % %%% 1. "

    2.  # 3.   → Control Loop
  42. … Developer  -1 0+) &' )  ! )

      1. +*# .( 2. +*#,"*# %/ 3. , $ → Control Loop
  43. ReplicaSet  *2 + Developer  18 Pod (36 #4

    $Pod ' 9 Pod ' 9 1. / .&5- 2. / .&0%.&,7 3. " ! 0 ) → Control Loop
  44. Custom Resource Definition Developer      1.

     2.  3.    → Control Loop
  45. Kubernetes is more extensible C A D C DBC B

    DA C A C A A F A D2 F C C BB & A BB C A C A C DBC A & A C 2 A CB A A A & B A AD B &B C D C C DC C C 2 Kubernetes       Boring Kubernetes 
  46. Kubernetes is more extensible B C B CAB A C

    2 B B AA & AA 2F B B B D CAB & D 2 B 2BA D 2 & A C A2 &A B C B B 2F CB B B
  47. GitOps Overview        CI

    CD    Kubernetes  D Developer GitOps, Weaveworks, 2018-11-28 (https://www.weave.works/technologies/gitops/)
  48. GitOps - Staging     (staging)  

     CI CD    Staging  D Developer staging branch master branch     (production) Production 
  49. GitOps - Production     (staging)  

     CI CD    D Developer staging branch master branch     (production) Staging  Production 
  50. GitOps     (staging)    CI

    CD    Developer staging branch master branch     (production) Staging  T Production  R R S !$%& #  "  $ E E R R S ""%&  !%&
  51. KubeCon + CloudNativeCon KubeCon + CloudNativeCon Barcelona 2019 Call for

    Proposals (CFP) Is Open, CNCF, 2018-11-28 (https://www.cncf.io/blog/2018/11/16/kubecon-barcelona-2019-call-for-proposals-cfp-is-open/)
  52. Google Kubernetes Engine Managed Kubernetes Serivce Azure Kubernetes Service 2014-11

    2017-02 2017-11 Amazon Elastic Container Service for Kubernetes
  53. Kubernetes for Enterprise •      

    Monzo Bank • Kubernetes + Linkerd (Service Mesh) Building a Modern Bank Backend, Monzo Bank Ltd, 2018-11-28 (https://monzo.com/blog/2016/09/19/building-a-modern-bank-backend/)
  54. CNCFStandardization 01.     " (!) OCI v1.0

    02.     #  CRI 03.   #  CSI 04. #  CNI
  55. 3 I H uNs P /D 6 IBK c a

    io sy P   0 C 1 DD 3 I H W3 I HS M 3 I H & 72 uNs C ID 9 CD H uNs 0BH K L 4 uNs / B 8I uNs /D HI uNs 5 I I uNs uNs N snN s h l o y f fl y s N snr N tk ye & hs c N uNsu ghd v o y /2 /0 fl N s 8 KB 5 HA 3 I H dNkyl 3 I H b